VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

mám v compu malware změnil mi email v microcoftu

https://forum.viry.cz:443/viewtopic.php?t=159395

Stránka 1 z 1

mám v compu malware změnil mi email v microcoftu

Napsal: 23 pro 2023 21:20
od jirkabj
mám v compu malware změnil mi heslo a email v účtu microsoft nemůžu ho odstranit můžete pomoci?

------------------------------------------------------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2023
Ran by sprzetowo (administrator) on DESKTOP-M8LDTVG (LENOVO 4480B4U) (23-12-2023 20:36:16)
Running from C:\Users\sprzetowo\Downloads\FRST64.exe
Loaded Profiles: sprzetowo
Platform: Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(cmd.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\SPNativeMessage.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Driver Booster\11.1.0\DriverBooster.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2023-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [195576 2023-11-14] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\Run: [MicrosoftEdgeAutoLaunch_F65DF9D52833C185E3A8339600663ABC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [5455880 2023-10-17] (IObit CO., LTD -> IObit)
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [65858576 2023-12-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2023-12-17] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2023-12-23] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.111\Installer\chrmstp.exe [2023-12-23] (Google LLC -> Google LLC)
StartupDir: C:\Users\sprzetowo\AppData\Local\Temp\b64c58644b <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {A946B4BF-AD38-4447-BA2C-F210C311074E} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [5507080 2023-11-27] (IObit CO., LTD -> IObit)
Task: {DEB50C94-D569-49DE-BE3E-473CC12CA3A0} - System32\Tasks\ASC_SkipUac_sprzetowo => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [11002376 2023-12-01] (IObit CO., LTD -> IObit)
Task: {CD1F44E3-49A0-4CFA-B967-A24A4D8D563D} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\11.1.0\Scheduler.exe [160744 2023-09-28] (IObit CO., LTD -> IObit)
Task: {74E1DD7C-40FF-406F-9883-07C0D9B123AE} - System32\Tasks\Driver Booster SkipUAC (sprzetowo) => C:\Program Files (x86)\IObit\Driver Booster\11.1.0\DriverBooster.exe [9044456 2023-10-26] (IObit CO., LTD -> IObit)
Task: {B14FD7E5-7A57-47F3-A15E-1B71B498CE40} - System32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
Task: {8318BF9E-6A5B-4154-9F37-6B86D49F87AA} - System32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
Task: {107107E1-2114-4819-A765-4C5313644879} - System32\Tasks\Christmas Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\Pub\xmas.exe [2766344 2023-12-23] (IObit CO., LTD -> IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4d4307b4-39ac-4ef8-90b1-3b5a0001bfd3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4d4307b4-39ac-4ef8-90b1-3b5a0001bfd3}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-23]
Edge Extension: (Dokumenty Google offline) - C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-17]
Edge Extension: (Edge relevant text changes) - C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-17]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default [2023-12-23]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-17]
CHR Extension: (IObit Surfing Protection) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn [2023-12-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-17]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2023-12-23]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService17; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1268744 2023-11-23] (IObit CO., LTD -> IObit)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2537928 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AscFileControl; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [40920 2023-07-13] (IObit CO., LTD -> IObit)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [47904 2023-07-13] (IObit CO., LTD -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46552 2023-07-13] (IObit CO., LTD -> IObit)
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-11-14] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [122664 2023-11-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2023-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [55528 2023-11-27] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 iobit_monitor_server2021; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [33256 2023-07-13] (IObit CO., LTD -> IObit)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12183512 2023-11-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-23 20:36 - 2023-12-23 20:36 - 000013114 _____ C:\Users\sprzetowo\Downloads\FRST.txt
2023-12-23 20:35 - 2023-12-23 20:36 - 000000000 ____D C:\FRST
2023-12-23 20:34 - 2023-12-23 20:34 - 002387456 _____ (Farbar) C:\Users\sprzetowo\Downloads\FRST64.exe
2023-12-23 19:18 - 2023-12-23 19:18 - 074559488 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2023-12-23 19:18 - 2023-12-23 19:18 - 004243456 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2023-12-23 19:18 - 2023-12-23 19:18 - 000368640 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2023-12-23 19:18 - 2023-12-23 19:18 - 000061440 _____ C:\WINDOWS\system32\config\SAM.iobit
2023-12-23 19:18 - 2023-12-23 19:18 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2023-12-23 19:16 - 2023-12-23 19:16 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000000000 ____D C:\Program Files (x86)\OpenAL
2023-12-23 19:15 - 2023-12-23 19:17 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-23 19:15 - 2023-12-23 19:15 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2023-12-23 18:37 - 2023-12-23 18:37 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-12-23 18:36 - 2023-12-23 18:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-12-23 18:34 - 2023-12-23 18:34 - 001541256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001487368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001424064 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001424064 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001227288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001198728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 000957960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000810096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000670232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 000505480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 015095408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 012375688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 007869576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 006745768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 006462600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 005862512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 005861000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 003620488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 002170992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 001624712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 000997512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 000853640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-12-23 18:33 - 2023-12-23 18:33 - 000773744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-12-23 18:33 - 2023-12-23 18:33 - 000113947 _____ C:\WINDOWS\system32\nvinfo.pb
2023-12-23 18:31 - 2023-12-23 18:36 - 000000000 ____D C:\WINDOWS\LastGood
2023-12-23 18:17 - 2023-12-23 18:17 - 000003330 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (sprzetowo)
2023-12-23 18:17 - 2023-12-23 18:17 - 000003210 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler
2023-12-23 18:17 - 2023-12-23 18:17 - 000002370 _____ C:\Users\Public\Desktop\Driver Booster 11.lnk
2023-12-23 17:22 - 2023-12-23 17:22 - 000003390 _____ C:\WINDOWS\system32\Tasks\Christmas Task (One-Time)
2023-12-23 17:21 - 2023-12-23 18:17 - 000000000 ____D C:\ProgramData\ProductData
2023-12-23 17:21 - 2023-12-23 18:17 - 000000000 ____D C:\Program Files (x86)\IObit
2023-12-23 17:21 - 2023-12-23 17:21 - 000003318 _____ C:\WINDOWS\system32\Tasks\ASC_PerformanceMonitor
2023-12-23 17:21 - 2023-12-23 17:21 - 000003116 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_sprzetowo
2023-12-23 17:21 - 2023-12-23 17:21 - 000001302 _____ C:\Users\Public\Desktop\Advanced SystemCare.lnk
2023-12-23 17:21 - 2023-12-23 17:21 - 000000000 ____D C:\ProgramData\ProductData3
2023-12-23 17:20 - 2023-12-23 19:19 - 000000000 ____D C:\ProgramData\IObit
2023-12-23 17:20 - 2023-12-23 18:17 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\IObit
2023-12-23 17:19 - 2023-12-23 17:20 - 054963608 _____ (IObit ) C:\Users\sprzetowo\Downloads\advanced-systemcare-setup (1).exe
2023-12-23 17:17 - 2023-12-23 17:18 - 054963608 _____ (IObit ) C:\Users\sprzetowo\Downloads\advanced-systemcare-setup.exe
2023-12-23 17:08 - 2023-12-23 17:08 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Backup
2023-12-18 03:49 - 2023-12-18 03:49 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\CEF
2023-12-18 03:49 - 2023-12-18 03:49 - 000000000 ____D C:\ProgramData\Ubisoft
2023-12-18 03:48 - 2023-12-18 04:01 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Ubisoft Game Launcher
2023-12-18 03:48 - 2023-12-18 03:48 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (2).exe
2023-12-18 03:48 - 2023-12-18 03:48 - 000001327 _____ C:\Users\sprzetowo\Desktop\Ubisoft Connect.lnk
2023-12-18 03:48 - 2023-12-18 03:48 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2023-12-18 03:46 - 2023-12-18 03:47 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (1).exe
2023-12-18 03:44 - 2023-12-18 03:45 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller.exe
2023-12-18 03:31 - 2023-12-18 03:31 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Applied Acoustics Systems
2023-12-18 03:30 - 2023-12-18 03:38 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Celemony Software GmbH
2023-12-18 03:30 - 2023-12-18 03:30 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\SynthMaker
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\ProgramData\Celemony Software GmbH
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\VST3
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\VST2
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\Celemony
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\Avid
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Celemony
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files (x86)\Celemony
2023-12-18 02:36 - 2023-12-18 02:36 - 000001858 _____ C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Mixcraft 9 Pro Studio (64-bit).lnk
2023-12-18 02:36 - 2023-12-18 02:36 - 000001834 _____ C:\Users\sprzetowo\Desktop\Mixcraft 9 Pro Studio (64-bit).lnk
2023-12-18 02:35 - 2023-12-18 02:35 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Acoustica
2023-12-18 02:34 - 2023-12-18 02:34 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2023-12-18 02:32 - 2023-12-18 02:32 - 000000000 ____D C:\Program Files (x86)\VST
2023-12-18 02:29 - 2023-12-18 03:34 - 000000000 ____D C:\Program Files\Acoustica Mixcraft 9
2023-12-18 02:29 - 2023-12-18 02:32 - 000000000 ____D C:\ProgramData\Acoustica
2023-12-18 02:29 - 2020-02-26 22:00 - 000615899 _____ C:\Users\sprzetowo\Desktop\Acoustica_KeyGen.exe
2023-12-18 02:29 - 2020-02-26 22:00 - 000001012 _____ C:\Users\sprzetowo\Desktop\Acoustica_Hosts_Patch.cmd
2023-12-18 01:54 - 2023-12-18 01:54 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\HTML Help
2023-12-18 01:53 - 2023-12-18 01:58 - 000001040 _____ C:\Users\Public\Desktop\WinRAR.lnk
2023-12-18 01:53 - 2023-12-18 01:53 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\WinRAR
2023-12-18 01:50 - 2023-12-18 02:27 - 000000000 ____D C:\Program Files\WinRAR
2023-12-18 01:49 - 2023-12-18 01:49 - 003824480 _____ C:\Users\sprzetowo\Downloads\winrar-x64-624cz.exe
2023-12-18 01:30 - 2023-12-18 01:30 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\WordPad
2023-12-18 01:12 - 2023-12-18 01:12 - 000002685 _____ C:\Users\sprzetowo\Desktop\Google Password Manager.lnk
2023-12-18 01:12 - 2023-12-18 01:12 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2023-12-18 00:50 - 2023-12-18 00:50 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2023-12-18 00:50 - 2023-12-18 00:50 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\ESET
2023-12-18 00:50 - 2023-12-18 00:50 - 000000000 ____D C:\ProgramData\ESET
2023-12-18 00:50 - 2023-12-18 00:50 - 000000000 ____D C:\Program Files\ESET
2023-12-18 00:44 - 2023-12-18 00:44 - 009798776 _____ (ESET) C:\Users\sprzetowo\Downloads\eset_smart_security_premium_live_installer.exe
2023-12-17 23:20 - 2023-12-17 23:20 - 000000000 ____D C:\ProgramData\PLUG
2023-12-17 23:19 - 2023-12-18 01:30 - 074711040 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-12-17 23:16 - 2023-12-17 23:19 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-12-17 23:15 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-17 21:27 - 2023-12-17 21:27 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-17 21:12 - 2023-12-17 21:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-12-17 21:05 - 2023-12-17 21:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-12-17 21:04 - 2023-12-17 21:04 - 000000000 ____D C:\Program Files\RUXIM
2023-12-17 20:28 - 2023-12-23 17:04 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-17 20:28 - 2023-12-23 17:04 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-12-17 20:28 - 2023-12-17 20:28 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Google
2023-12-17 20:28 - 2023-12-17 20:28 - 000000000 ____D C:\Program Files\Google
2023-12-17 20:27 - 2023-12-23 20:32 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-17 20:27 - 2023-12-17 20:27 - 001376304 _____ (Google LLC) C:\Users\sprzetowo\Downloads\ChromeSetup.exe
2023-12-17 20:27 - 2023-12-17 20:27 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}
2023-12-17 20:27 - 2023-12-17 20:27 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}
2023-12-17 20:06 - 2023-12-17 20:06 - 000000375 _____ C:\Users\sprzetowo\Desktop\Ovládací panely – zástupce.lnk
2023-12-17 20:05 - 2023-12-17 20:05 - 000000000 ___HD C:\$WinREAgent
2023-12-17 20:04 - 2023-12-17 20:04 - 000000000 ____D C:\Users\sprzetowo\Documents\FeedbackHub
2023-12-17 19:43 - 2023-12-17 19:43 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\OneDrive
2023-12-17 17:11 - 2023-12-17 19:57 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Spelling
2023-12-17 16:52 - 2023-12-17 16:52 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Comms
2023-12-17 16:43 - 2023-12-23 17:06 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1276438215-3619228080-4072379647-1001
2023-12-17 16:42 - 2023-12-23 17:06 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1276438215-3619228080-4072379647-1001
2023-12-17 16:42 - 2023-12-18 03:51 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\D3DSCache
2023-12-17 16:42 - 2023-12-18 02:07 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\PlaceholderTileLogoFolder
2023-12-17 16:42 - 2023-12-17 16:42 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-12-17 16:41 - 2023-12-17 16:41 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Publishers
2023-12-17 16:40 - 2023-12-23 18:40 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-17 16:40 - 2023-12-18 03:31 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\VirtualStore
2023-12-17 16:40 - 2023-12-18 02:07 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Packages
2023-12-17 16:40 - 2023-12-17 23:20 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\ConnectedDevicesPlatform
2023-12-17 16:40 - 2023-12-17 17:31 - 000000000 ____D C:\ProgramData\Packages
2023-12-17 16:40 - 2023-12-17 16:40 - 000000020 ___SH C:\Users\sprzetowo\ntuser.ini
2023-12-17 16:40 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Network
2023-12-17 16:40 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Adobe
2023-12-17 16:35 - 2023-12-18 01:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-17 16:35 - 2023-12-17 20:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-17 16:35 - 2023-12-17 16:35 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-12-17 16:35 - 2023-12-17 16:35 - 000003544 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1da30fd81d88c79
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\Users\Default User
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\Users\All Users
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Šablony
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Plocha
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Dokumenty
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Data aplikací
2023-12-17 16:33 - 2023-12-17 16:33 - 000023758 _____ C:\Users\sprzetowo\Desktop\Odebrané aplikace.html
2023-12-17 16:33 - 2023-12-17 16:33 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\SystemCertificates
2023-12-17 16:33 - 2023-12-17 16:33 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Crypto
2023-12-17 16:30 - 2023-12-23 17:06 - 000002393 _____ C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-12-17 16:30 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows
2023-12-17 16:30 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Šablony
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Soubory cookie
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Poslední
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Okolní tiskárny
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Okolní síť
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Nabídka Start
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Dokumenty
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Documents\Obrázky
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Documents\Hudba
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Documents\Filmy
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Data aplikací
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\AppData\Local\Data aplikací
2023-12-17 16:27 - 2023-12-23 18:37 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-17 16:27 - 2023-12-23 17:05 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-12-17 16:27 - 2023-12-17 20:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-12-17 16:27 - 2023-12-17 16:27 - 000979199 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\lxss
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\DAX3
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\DAX2
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\ProgramData\Audyssey Labs
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\Program Files\Realtek
2023-12-17 16:26 - 2023-12-23 20:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-17 16:26 - 2023-12-18 01:30 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-17 16:26 - 2023-12-17 23:20 - 000260632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-17 16:25 - 2023-12-23 18:16 - 000000000 ____D C:\WINDOWS\Panther
2023-12-17 16:22 - 2023-12-23 17:30 - 000000000 ____D C:\Windows.old
2023-12-17 16:21 - 2023-12-17 16:21 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-12-17 16:20 - 2023-12-17 16:20 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-12-17 16:20 - 2023-12-17 16:20 - 000000000 ____D C:\WINDOWS\Setup
2023-12-17 16:19 - 2023-12-23 18:40 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2023-12-17 16:19 - 2023-12-23 18:40 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2023-12-17 16:19 - 2023-12-17 16:41 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\cs
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\0409
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\OCR
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\DigitalLocker
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\addins
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\ProgramData\ssh
2023-12-17 16:17 - 2023-12-23 20:32 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-17 16:17 - 2023-12-23 19:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-17 16:17 - 2023-12-23 19:16 - 000000000 ___RD C:\Program Files (x86)
2023-12-17 16:17 - 2023-12-23 19:15 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-17 16:17 - 2023-12-23 18:37 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-17 16:17 - 2023-12-23 17:54 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-17 16:17 - 2023-12-23 17:04 - 000000000 ____D C:\WINDOWS\appcompat
2023-12-17 16:17 - 2023-12-18 00:50 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-17 16:17 - 2023-12-17 20:04 - 000000000 ____D C:\Program Files\Windows Defender
2023-12-17 16:17 - 2023-12-17 16:57 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-12-17 16:17 - 2023-12-17 16:57 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-17 16:17 - 2023-12-17 16:41 - 000000000 ____D C:\WINDOWS\system32\spool
2023-12-17 16:17 - 2023-12-17 16:41 - 000000000 ____D C:\ProgramData\USOPrivate
2023-12-17 16:17 - 2023-12-17 16:35 - 000000000 ____D C:\Program Files\Windows NT
2023-12-17 16:17 - 2023-12-17 16:33 - 000000000 __RHD C:\Users\Public\Libraries
2023-12-17 16:17 - 2023-12-17 16:33 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-12-17 16:17 - 2023-12-17 16:26 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2023-12-17 16:17 - 2023-12-17 16:23 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-12-17 16:17 - 2023-12-17 16:22 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\setup
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\Com
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\IME
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\Help
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files\Common Files\System
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files (x86)\Windows NT
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 __RSD C:\WINDOWS\Media
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\system32\Nui
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Web
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\WaaS
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Vss
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\tracing
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\TAPI
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SystemApps
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\winevt
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ti-et
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ta-in
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\si-lk
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ras
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\my-mm
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Macromed
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Keywords
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\IME
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\icsxml
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ias
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\DriverState
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\am-et
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\System
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SKB
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\schemas
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SchCache
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\security
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Resources
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\rescache
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Registration
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\PLA
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Performance
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\ModemLogs
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\L2Schemas
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\InputMethod
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\IdentityCRL
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Globalization
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Cursors
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Containers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Branding
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\ProgramData\USOShared
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Windows Security
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Windows Portable Devices
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Common Files\Services
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2023-12-17 16:17 - 2023-12-17 16:15 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2023-12-17 16:17 - 2023-12-17 16:15 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2023-12-17 16:17 - 2023-12-17 16:15 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2023-12-17 16:17 - 2023-12-17 16:15 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2023-12-17 16:17 - 2023-12-17 16:15 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2023-12-17 16:17 - 2023-12-17 16:15 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2023-12-17 16:15 - 2023-12-23 19:19 - 000000000 ____D C:\WINDOWS\INF
2023-12-17 16:12 - 2023-12-18 01:30 - 013107200 _____ C:\WINDOWS\system32\config\SYSTEM
2023-12-17 16:12 - 2023-12-18 01:30 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2023-12-17 16:12 - 2023-12-18 01:30 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-12-17 16:12 - 2023-12-18 01:30 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2023-12-17 16:12 - 2023-12-18 01:30 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2023-12-17 16:12 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\servicing
2023-12-17 16:12 - 2023-12-17 21:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-17 16:12 - 2023-12-17 16:51 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-12-17 16:12 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\SMI
2023-12-17 16:10 - 2023-12-17 16:25 - 000000000 ___HD C:\$SysReset
2023-12-13 18:04 - 2023-12-13 18:04 - 007869664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SET1B0A.tmp
2023-12-13 18:04 - 2023-12-13 18:04 - 006745776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SET23D5.tmp
2023-11-27 02:10 - 2023-11-27 02:12 - 000000000 ____D C:\Users\sprzetowo\Documents\Acoustica Mixcraft 10 Pro Studio v10.1 b579 WIN-XAIR
2023-11-27 02:09 - 2023-11-27 02:10 - 229485268 _____ C:\Users\sprzetowo\Documents\Acoustica Mixcraft 10 Pro Studio v10.1 b579 WIN-XAIR.rar
2023-11-27 02:05 - 2023-11-27 02:05 - 000055528 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2023-11-27 00:17 - 2023-11-27 00:17 - 000000000 ____D C:\Users\sprzetowo\Documents\MANDA_AUDIO
2023-11-27 00:12 - 2023-12-17 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celemony
2023-11-27 00:12 - 2023-11-27 00:12 - 000000000 ____D C:\Users\Public\Documents\Celemony
2023-11-26 23:48 - 2020-02-26 22:00 - 000615899 _____ C:\Users\sprzetowo\Downloads\Acoustica_KeyGen.exe
2023-11-26 23:47 - 2022-06-14 16:02 - 000000000 ____D C:\Users\sprzetowo\Downloads\Acoustica.Mixcraft.Pro.Studio.9.0.Build.470.Multilingual.x64
2023-11-26 23:46 - 2023-12-18 03:38 - 000000000 ____D C:\Users\sprzetowo\Desktop\backup
2023-11-26 23:37 - 2023-11-26 23:45 - 540664092 _____ C:\Users\sprzetowo\Downloads\Acoustica.Mixcraft.Pro.Studio.9.0.Build.470.Multilingual.x64.rar
2023-11-26 22:00 - 2023-11-27 02:14 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 10
2023-11-26 21:53 - 2023-11-26 23:33 - 000000000 ____D C:\Users\sprzetowo\Downloads\Acoustica.Mixcraft.v10.1.b579.Recording.Studio.Team XAIR (2023)
2023-11-26 21:52 - 2023-11-26 21:53 - 233347789 _____ C:\Users\sprzetowo\Downloads\Acoustica.Mixcraft.v10.1.b579.Recording.Studio.Team XAIR (2023).rar
2023-11-26 05:37 - 2023-11-26 05:41 - 521977677 _____ C:\Users\sprzetowo\Downloads\Acoustica Mixcraft Pro Studio 9.0 Build 470 Multilingual x64[PeskTop.com].rar

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-23 19:26 - 2022-11-04 13:23 - 000000000 ____D C:\Users\sprzetowo\AppData\LocalLow\IObit
2023-12-23 18:17 - 2023-09-30 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 11
2023-12-23 18:16 - 2022-11-28 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2023-12-23 17:21 - 2022-11-29 03:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2023-12-23 17:05 - 2022-11-28 22:01 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-18 03:52 - 2022-12-01 03:11 - 000000235 _____ C:\Users\sprzetowo\Desktop\Assassin's Creed Valhalla.url
2023-12-18 03:33 - 2023-11-15 01:20 - 001475600 _____ C:\Users\sprzetowo\Desktop\Open song.mx9
2023-12-18 02:36 - 2023-02-04 03:48 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 9 (64-bit)
2023-12-18 01:58 - 2023-02-04 03:32 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-12-18 01:58 - 2023-02-04 03:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-12-17 16:42 - 2020-03-10 11:34 - 000000000 ___RD C:\Users\sprzetowo\OneDrive
2023-12-17 16:40 - 2020-03-10 10:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-12-17 16:40 - 2020-03-10 10:30 - 000000000 ___RD C:\Users\sprzetowo\3D Objects
2023-12-17 16:33 - 2022-11-29 02:37 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2023-12-17 16:22 - 2023-11-20 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2023-12-17 16:22 - 2023-10-25 03:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-12-17 16:22 - 2023-05-31 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2023-12-17 16:22 - 2023-04-26 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2023-12-17 16:22 - 2023-03-06 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2023-12-17 16:22 - 2023-02-04 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2023-12-17 16:22 - 2022-12-13 02:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2023-12-17 16:22 - 2022-11-29 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2023-12-12 03:15 - 2023-10-01 21:51 - 000000000 ____D C:\Users\sprzetowo\Desktop\za pár key
2023-12-11 00:10 - 2023-07-10 08:24 - 000000000 ___RD C:\Users\sprzetowo\Documents\Saved Pictures
2023-12-11 00:00 - 2022-12-01 01:36 - 000000000 ____D C:\Users\sprzetowo\Documents\HESLA 2022
2023-11-28 20:12 - 2022-12-01 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater
2023-11-27 00:19 - 2023-11-19 15:40 - 000000000 ____D C:\Users\sprzetowo\Documents\Mixcraft Projects

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
--------------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2023
Ran by sprzetowo (23-12-2023 20:37:39)
Running from C:\Users\sprzetowo\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) (2023-12-17 15:40:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1276438215-3619228080-4072379647-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1276438215-3619228080-4072379647-503 - Limited - Disabled)
Guest (S-1-5-21-1276438215-3619228080-4072379647-501 - Limited - Disabled)
sprzetowo (S-1-5-21-1276438215-3619228080-4072379647-1001 - Administrator - Enabled) => C:\Users\sprzetowo
WDAGUtilityAccount (S-1-5-21-1276438215-3619228080-4072379647-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acoustica Mixcraft 9 Pro Studio (64-bit) (HKLM-x32\...\Mixcraft 9-64) (Version: 9.0.0.470 - Acoustica)
Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 17.1.0 - IObit)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft)
Driver Booster 11 (HKLM-x32\...\Driver Booster_is1) (Version: 11.1.0 - IObit)
ESET Security (HKLM\...\{B5798854-224A-40DB-A3B7-BECF8F838238}) (Version: 17.0.15.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.111 - Google LLC)
Google Password Manager (HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\9972a62044e12a983df9557faf51e49c) (Version: 1.0 - Google\Chrome)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.02.0401 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.77 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 546.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 148.2.10984 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-12-18] (Microsoft Corporation) [MS Ad]
-My Notes- -> C:\Program Files\WindowsApps\22944SamJarawan.-MyNotes-_2.1.47.0_x64__3gv8nk7frgb5p [2023-12-18] (Sam Jarawan) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.964.0_x64__56jybvy8sckqj [2023-12-23] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-12-17] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2023-12-17] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2023-07-13] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2023-07-13] (IObit CO., LTD -> IObit)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2023-07-13] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2023-07-13] (IObit CO., LTD -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\nvshext.dll [2023-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\sprzetowo\Desktop\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Pinned Sites\MSEdge._pin_celnaknmndgffhbhciignkeokb\Facebook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.facebook.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Pinned Sites\MSEdge._pin_adnlfjpnmiaohpidplnoimahfh\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.youtube.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Facebook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.facebook.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.youtube.com/ --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2023-12-18 00:52 - 2023-12-18 00:52 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2023-07-13] (IObit CO., LTD -> IObit)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2023-12-17 16:17 - 2023-12-17 16:15 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sprzetowo\AppData\Local\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F65DF9D52833C185E3A8339600663ABC"
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F3A4CB42-3EC3-4DA6-A575-8E9D90B8C43C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC69E074-E4BC-491B-B92F-D782C19BF475}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{66E5F382-3D3C-446C-B70B-C296E8C81E56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7E1731BA-5626-4513-8D7E-FED20D452013}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B2491AC6-318C-41EC-8EB1-7E8E374DA794}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7714CAC2-28A2-4271-84D0-8970A1A4EE0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D6EB8114-29B2-4371-A990-5CF1586B0038}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B890A07-1332-4C7E-9CDB-BD1809DA8F98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DAEE86E1-2209-4D4F-ADB6-2CCE1771CB19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D4A96E7D-3858-4CCA-8BE6-D9CBC8570582}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{086FC93C-ED2A-4E86-9C11-F72E51B6E7A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E230A3CF-7129-47A4-92BD-F17AA39EC9B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7A14121B-6649-4A5F-897E-19E5162A0BD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{72CF256E-7C5D-4406-8FDA-53D96E86F48A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9AD1CDCC-C34D-4482-876D-93D449ABC09C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F2F183A3-03A5-435E-B6F0-85ABCFDAFF96}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

23-12-2023 17:55:13 Naplánovaný kontrolní bod
23-12-2023 18:28:37 Driver Booster : NVIDIA GeForce GTX 980 Ti

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/23/2023 06:37:43 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (12/23/2023 06:37:43 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (12/23/2023 06:37:43 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (12/18/2023 01:30:11 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/18/2023 12:54:38 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (12/18/2023 12:54:38 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (12/18/2023 12:54:38 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (12/17/2023 04:35:04 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.


System errors:
=============
Error: (12/18/2023 01:30:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M8LDTVG)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/17/2023 10:36:58 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/17/2023 10:18:33 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/17/2023 09:04:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Aktualizace antimalwarové platformy programu Windows Defender Antivirus – KB4052623 (verze 4.18.2001.10).

Error: (12/17/2023 08:06:07 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (12/17/2023 08:06:07 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (12/17/2023 04:33:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Pracovní stanice, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/17/2023 04:33:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Pracovní stanice, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.


Windows Defender:
================
Date: 2023-12-18 00:52:27
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\ESET\ESET Security\ekrn.exe provádění změn v paměti.
Čas detekce: 2023-12-17T23:52:27.053Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\ESET\ESET Security\ekrn.exe
Verze bezpečnostních informací: 1.403.674.0
Verze modulu: 1.1.23110.2
Verze produktu: 4.18.23110.3

Date: 2023-12-17 23:13:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe; containerfile:_C:\Windows.old\Users\sprzetowo\AppData\Local\Packages\49775MorningInSeattle.AZTorrentDownloader_3qjtgnwv8t714\LocalState\Downloads\IK.Multimedia.MODO.DRUM.v1.1.3.Incl.Keygen-R2R\R2R\IK_Multimedia_Keygen.exe; file:_C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe->(nsis-6-keygen.exe); file:_C:\Windows.old\Users\sprzetowo\AppData\Local\Packages\49775MorningInSeattle.AZTorrentDownloader_3qjtgnwv8t714\LocalState\Downloads\IK.Multimedia.MODO.DRUM.v1.1.3.Incl.Keygen-R2R\R2R\IK_Multimedia_Keygen.exe->(nsis-6-keygen.exe)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: DESKTOP-M8LDTVG\sprzetowo
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.667.0, AS: 1.403.667.0, NIS: 1.403.667.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

CodeIntegrity:
===============
Date: 2023-12-23 20:17:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2023-12-23 19:17:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9HKT46AUS 12/15/2011
Motherboard: LENOVO
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 23%
Total physical RAM: 16342.33 MB
Available physical RAM: 12450.82 MB
Total Virtual: 19286.33 MB
Available Virtual: 13889.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.06 GB) (Free:247.95 GB) (Model: SSDPR-CL100-960-G3) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.11 GB) (Model: SSDPR-CL100-960-G3) NTFS ==>[system with boot components (obtained from drive)]
Drive i: (Georgies Music) (Fixed) (Total:238.47 GB) (Free:152.37 GB) (Model: Vaseky V 800/256G USB Device) NTFS

\\?\Volume{82286e84-55c8-46eb-9b65-266485d8f06f}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{6a5f88f4-d9ef-42c6-8527-e34a172fa528}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: 698A0A59)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 600451AA)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: mám v compu malware změnil mi email v microcoftu

Napsal: 23 pro 2023 21:58
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: mám v compu malware změnil mi email v microcoftu

Napsal: 23 pro 2023 22:32
od jirkabj
také Vás zdravím tady je log ale udělal jen již předtím jeden a uložilo mi to několik souború do karanteny kterou jsem pak vymazal možná tam něco bylo


# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-23-2023
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.3803)
# Scanned: 32057
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [4235 octets] - [23/12/2023 21:44:10]
AdwCleaner[C00].txt - [3933 octets] - [23/12/2023 21:45:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: mám v compu malware změnil mi email v microcoftu

Napsal: 24 pro 2023 11:56
od Rudy
OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
StartupDir: C:\Users\sprzetowo\AppData\Local\Temp\b64c58644b <==== ATTENTION
C:\Users\sprzetowo\AppData\Local\Temp
Task: {B14FD7E5-7A57-47F3-A15E-1B71B498CE40} - System32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
Task: {8318BF9E-6A5B-4154-9F37-6B86D49F87AA} - System32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
C:\WINDOWS\system32\SET1B0A.tmp
C:\WINDOWS\SysWOW64\SET23D5.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}
C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe; containerfile

EmptyTemp:
End
Uložte do C:\Users\sprzetowo\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte. Doporučuji odinstalovat IOBit. Tímto čínským šmejdem si laik může poškodit systém

Re: mám v compu malware změnil mi email v microcoftu

Napsal: 24 pro 2023 14:41
od jirkabj
Omlouvám se že otravuju na Vánoce.

---------------------------------------------------------------------------------------------------------------------------------
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-12-2023
Ran by sprzetowo (24-12-2023 13:50:08) Run:1
Running from C:\Users\sprzetowo\Downloads
Loaded Profiles: sprzetowo
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
StartupDir: C:\Users\sprzetowo\AppData\Local\Temp\b64c58644b <==== ATTENTION
C:\Users\sprzetowo\AppData\Local\Temp
Task: {B14FD7E5-7A57-47F3-A15E-1B71B498CE40} - System32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
Task: {8318BF9E-6A5B-4154-9F37-6B86D49F87AA} - System32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
C:\WINDOWS\system32\SET1B0A.tmp
C:\WINDOWS\SysWOW64\SET23D5.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}
C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe; containerfile

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => not found
StartupDir: C:\Users\sprzetowo\AppData\Local\Temp\b64c58644b <==== ATTENTION => restored successfully

"C:\Users\sprzetowo\AppData\Local\Temp" folder move:

C:\Users\sprzetowo\AppData\Local\Temp => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B14FD7E5-7A57-47F3-A15E-1B71B498CE40}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B14FD7E5-7A57-47F3-A15E-1B71B498CE40}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8318BF9E-6A5B-4154-9F37-6B86D49F87AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8318BF9E-6A5B-4154-9F37-6B86D49F87AA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}" => removed successfully
C:\WINDOWS\system32\SET1B0A.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET23D5.tmp => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}" => not found
"C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe; containerfile" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9535772 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 9962552 B
Edge => 0 B
Chrome => 147298292 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
sprzetowo => 3967644 B

RecycleBin => 0 B
EmptyTemp: => 162.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:55:04 ====

Re: mám v compu malware změnil mi email v microcoftu

Napsal: 24 pro 2023 16:16
od Rudy
Omlouvám se že otravuju na Vánoce
Nic se neděje. I o svátcích sem, alespoň občas, někdo nakoukne. Bylo smazáno, PC by již měl být čistý.

Re: mám v compu malware změnil mi email v microcoftu

Napsal: 25 pro 2023 17:49
od jirkabj
Moc děkuju
mám víc problémů s účty postupně se to budu snažit obnovit.
Ať se vám daří v Novém Roce.

Re: mám v compu malware změnil mi email v microcoftu

Napsal: 25 pro 2023 18:44
od Rudy
OK. V případě potřeby se můžete ozvat. Šťastný a veselý! :-)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz